
47153 matches found

securityvulns
added 2011/03/25 12:0 a.m., 44 views

CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files

Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ VLC Vulnerabilities handling .AMV and .NSV files 1. Advisory Information Title: VLC Vulnerabilities handling .AMV and .NSV files Advisory ID: CORE-2011-0208 Advisory URL:...

9.3 CVSS, 7.5 AI score, 0.86225 EPSS
Exploits 8

securityvulns
added 2011/03/25 12:0 a.m., 47 views

HTB22900: Multiple XSS vulnerabilities in SyndeoCMS

Vulnerability ID: HTB22900 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type: XSS Cross Site Scriptin...

0.3 AI score
Exploits 0

securityvulns
added 2011/03/25 12:0 a.m., 28 views

NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation

High Risk Vulnerability in Cisco VPN client Windows 64 bit 25 March 2011 Gavin Jones of NGS Secure has discovered a High risk vulnerability in the Cisco VPN client Windows 64 bit. Impact: Privilege Escalation Cisco has released a patch that addresses the issue. The announcement of this patch can ...

0.7 AI score
Exploits 0

securityvulns
added 2011/03/25 12:0 a.m., 58 views

HTB22898: XSRF (CSRF) in Ripe website manager

Vulnerability ID: HTB22898 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinripewebsitemanager.html Product: Ripe website manager Vendor: Ripe website manager Team http://www.ripewebsitemanager.com/ Vulnerable Version: 1.1 and probably prior versions Vendor Notification: 10 March 2011...

0.1 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 25 views

IBM Lotus Domino Server Controller unauthorized access

A user-supplied network file is used for the stored user credentials during TCP/2050 service authentication...

3.7 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 54 views

Advantech BroadWin WebAccess multiple security vulnerabilities

Code execution, information leak from TCP/4592 RPC-based service...

2.9 AI score
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 38 views

libtiff buffer overflow

Buffer overflow in ThunderCode codec, stack overflow...

6.8 CVSS, 4 AI score, 0.04358 EPSS
Exploits 0, References 2, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 35 views

libvirt protection bypass

No description provided...

6.9 CVSS, 1.6 AI score, 0.01556 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 23 views

HP Discovery & Dependency Mapping Inventory information leak

The public community has SNMP read access by default...

5 CVSS, 1.2 AI score, 0.00741 EPSS
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 24 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits 0, References 8, Affected Software 3

securityvulns
added 2011/03/23 12:0 a.m., 32 views

IGSS ODBC Server uninitialized pointer free()

Multiple uninitialized pointer dereference conditions...

2.8 AI score
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 35 views

TeX (tex-common) shell characters vulnerability

No description provided...

6.8 CVSS, 2.6 AI score, 0.02102 EPSS
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 40 views

Cisco IPSec information leak

It's possible to check groupname existence...

1.3 AI score
Exploits 0, References 1, Affected Software 3

securityvulns
added 2011/03/23 12:0 a.m., 56 views

Linux kernel multiple security vulnerabilities

Privilege escalation, multiple information leaks...

4.9 CVSS, 2.5 AI score, 0.00482 EPSS
Exploits 13, References 2, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 25 views

libcgroup security vulnerabilities

Buffer overflow, privilege escalation...

7.2 CVSS, 4.3 AI score, 0.00129 EPSS
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 25 views

Asterisk DoS

Connection flood leads to resource exhaustion...

2.5 AI score
Exploits 0, References 2, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 32 views

Symantec LiveUpdate Administrator cross-site request forgery

Cross-site request forgery in administration web interface...

6.8 CVSS, 2.8 AI score, 0.04066 EPSS
Exploits 3, References 1, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 21 views

Immunity Debugger buffer overflow

Buffer overflow during software update process...

4 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 26 views

Progea Movicon TCPUploadServer unauthorized access

It's possible to upload a file to an arbitrary location and execute it...

4.4 AI score
Exploits 0, References 1

securityvulns
added 2011/03/23 12:0 a.m., 20 views

RealPlayer buffer overflow

Buffer overflow when parsing IVR files...

4.8 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 36 views

Novell Netware FTP server buffer overflow

rmdir/mkdir/dele commands buffer overflow...

9 CVSS, 3.2 AI score, 0.27635 EPSS
Exploits 3, References 3, Affected Software 1

securityvulns
added 2011/03/23 12:0 a.m., 59 views

ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability

ZDI-11-109: Pwn2Own Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-109 March 22, 2011 -- CVE ID: CVE-2011-1417 -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P -- Affected Vendors: Apple -- Affected Products: Apple Safari --...

6.8 CVSS, 0.4 AI score, 0.06133 EPSS
Exploits 3

securityvulns
added 2011/03/23 12:0 a.m., 71 views

ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability

ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-107 March 21, 2011 -- CVE ID: CVE-2011-1167 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Libtiff -- Affected Products: Libtiff libtiff --...

6.8 CVSS, 0.8 AI score, 0.04358 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 28 views

HP Client Automation code execution

Code execution with radexecd.exe TCP/3465...

10 CVSS, 2 AI score, 0.23398 EPSS
Exploits 0, References 2

securityvulns
added 2011/03/23 12:0 a.m., 67 views

[USN-1089-1] Linux kernel vulnerabilities

=========================================================== Ubuntu Security Notice USN-1089-1 March 18, 2011 linux, linux-ec2 vulnerabilities CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242...

4.9 CVSS, 0.00482 EPSS
Exploits 12

securityvulns
added 2011/03/23 12:0 a.m., 79 views

Progea Movicon TCPUploadServer Remote Exploit

!/usr/bin/python movi.py Progea Movicon TCPUploadServer Remote Exploit Jeremy Brown / jbrown at patchtuesday dot org Mar 2011 TCPUploadServer allows remote users to execute functions on the server without any form of authentication. Impacts include deletion of arbitrary files, execution of a...

1.5 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 65 views

NGS00057 Patch Notification: Apple Mac OS X ImageIO Integer Overflow

Apple Mac OS X ImageIO Integer Overflow 22/03/2011 Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. An integer overflow issue exists in ImageIO's handling of JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected...

7.3 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 52 views

Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability

Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability 1. OVERVIEW Joomla! 1.6.0 is vulnerable to Full Path Disclosure. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and intranets. It comprises a...

0.1 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 54 views

ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability

ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-105 March 18, 2011 -- CVE ID: CVE-2011-0889 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

10 CVSS, 1.5 AI score, 0.23398 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 76 views

[PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel

PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2011-02 Released on: 16 Mar 2011 Last updated on: 16 Mar 2011 Affected product: Linux Kernel 2.4 and 2.6 Impact: disclosure of sensitive information Origin: storage devices Credit: Timo Warns PRESENSE Technologies GmbH CVE...

2.1 CVSS, 8.2 AI score, 0.00108 EPSS
Exploits 2

securityvulns
added 2011/03/23 12:0 a.m., 58 views

Apple HFS+ Information Disclosure Vulnerability

VSR Security Advisory http://www.vsecurity.com/ Advisory Name: Apple HFS+ Information Disclosure Vulnerability Release Date: 2011-03-22 Application: Apple OS X kernel XN...

2.1 CVSS, 6.1 AI score, 0.00083 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 49 views

PHP-Nuke 8.x <= Cross Site Scripting Vulnerability

PHP-Nuke 8.x <= Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scripting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...

0.5 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 27 views

AST-2011-004:

Product Asterisk Summary Remote crash vulnerability in TCP/TLS server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On March 1, 2011 Reported By Blake Cornell [email protected] and Chris Maj [email protected]...

7.1 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 46 views

[SECURITY] [DSA 2193-1] libcgroup security update

Debian Security Advisory DSA-2193-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 16, 2011 http://www.debian.org/security/faq -...

7.2 CVSS, 1.1 AI score, 0.00129 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 56 views

ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability

ZDI-11-110: 0day IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-110 March 22, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM Lotus Domino --...

1.1 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 62 views

iDefense Security Advisory 03.21.11: Apple OfficeImport Framework Excel Memory Corruption Vulnerability

iDefense Security Advisory 03.21.11 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 21, 2011 I. BACKGROUND The OfficeImport framework is an API used by Apple's mobile devices, including the iPod Touch, iPhone, and iPad. The framework is used to parse and display Microsoft Office file...

6.8 CVSS, 0.02428 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 30 views

NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow

======= Summary ======= Name: Immunity Debugger Buffer Overflow Release Date: 22 March 2011 Reference: NGS00016 Discoverer: Paul Harrington Vendor: Immunity Inc Vendor Reference: Support 3171 Systems Affected: Windows Risk: Low Status: Fixed ======== TimeLine ======== Discovered: 28 October 2010...

7.8 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 136 views

XSS in Oracle default fcgi-bin/echo

Long ago, I wrote about an XSS vulnerability in Oracle fcgi-bin/echo : http://lists.grok.org.uk/pipermail/full-disclosure/2010-October/076794.html http://www.securityfocus.com/archive/1/514181 The issue may now be fixed in the latest versions of Oracle web servers:...

0.8 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 45 views

[security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Insecure SNMP Configuration

SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02757867 Version: 1 HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory DDMI Running on Windows, Insecure SNMP Configuration NOTICE: The information in this Security Bullet...

5 CVSS, 0.1 AI score, 0.00741 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 27 views

XSS, AoF and IAA vulnerabilities in MC Content Manager

Hello 3APA3A! I am reporting Cross-Site Scripting vulnerabilities that I found in the MC Content Manager system. This is a Ukrainian commercial CMS. XSS WASC-08: Vulnerabilities on the registration and password recovery pages. http://websecurity.com.ua/uploads/2011/MC20Content20Manager20XSS.html...

6.6 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 23 views

Heap overflow in RealPlayer 14.0.1.633

Luigi Auriemma Application: RealPlayer http://www.real.com Versions: = 14.0.1.633 Platforms: Windows, Macintosh OSX, Linux, Symbian, Palm Bug: heap overflow Exploitation: remote Date: 21 Mar 2011 found 17 Feb 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction ...

0.2 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 37 views

Buffer overflow in libtiff in Imagemagick

--Credits: zgmzgmatmail.ustc.edu.cn -- Disclosure Timeline: 3-17-2011 -- Affected Vendor: Imagemagick 6.6.8-5 Libtiff 6.9.4 -- Problem Description: A buffer overflow is triggered by displaying a malformed tiff image with Imagemagick. The error information is as follows: display: malformed.tif: Wro...

1 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 52 views

NGS00052 Patch Notification: Apple Mac OS X Image RAW Multiple Buffer Overflows

Apple Mac OS X Image RAW Multiple Buffer Overflows 22/03/2011 Paul Harrington of NGS Secure has discovered a High risk vulnerability in Mac OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result...

7.6 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 39 views

PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability

PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery CSRF because its Anti-CSRF mechanism Referer Check is found to be broken. 2. BACKGROUND PHP-Nuke is a Web Portal...

0.3 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 66 views

PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability

PHP-Nuke 8.x <= Blind SQL Injection Vulnerability 1. OVERVIEW The administration backend of PHP-Nuke 8.x is vulnerable to Blind SQL Injection. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and...

7.9 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 255 views

NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability

NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability...

6.8 CVSS, 6.7 AI score, 0.04066 EPSS
Exploits 3

securityvulns
added 2011/03/23 12:0 a.m., 73 views

IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS

!/usr/bin/python igss.py IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS Jeremy Brown / jbrown at patchtuesday dot org Mar 2011 There are multiple remote uninitialized pointer free conditions in IGSS's ODBC server. By sending a specially crafted packet to listening port 20222, i...

0.4 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 55 views

[SECURITY] [DSA 2198-1] tex-common security update

Debian Security Advisory DSA-2198-1 [email protected] http://www.debian.org/security/ Nico Golde March 22, 2011 http://www.debian.org/security/faq -...

6.8 CVSS, 0.5 AI score, 0.02102 EPSS
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 43 views

PHP-Nuke 8.x <= Cross Site Scripting Vulnerability

PHP-Nuke 8.x <= Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scripting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...

0.5 AI score
Exploits 0

securityvulns
added 2011/03/23 12:0 a.m., 23 views

AST-2011-003:

Product Asterisk Summary Resource exhaustion in Asterisk Manager Interface Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions if manager interface is accessible Severity Moderate Exploits Known No Reported On March 1, 2011 Reported By Blake Cornell...

7.1 AI score
Exploits 0

Total number of security vulnerabilities: 47153